20 Items | 0 CISA KEV | 0 Critical | 0 High | 3 Top Score
Today's Intelligence — Sorted by Priority
unit42.paloaltonetworks.com
SOC BRIEFING: Amazon Bedrock Multi-Agent AI Attack Surface

SUMMARY: Unit 42 identified new attack surfaces and prompt injection vulnerabilities in Amazon Bedrock's multi-agent AI applications. This matters because prompt injection can bypass AI safety controls, leading to unauthorized data access, lateral movement, or malicious code execution within cloud environments.

TRIAGE: Medium — No active CVEs or exploits in the wild yet, but this represents an emerging threat class. Prioritize if your organization uses Amazon Bedrock or multi-agent LLM deployments.

IOC HUNT:
1. CloudTrail logs: Search for `bedrock:InvokeAgent` or `bedrock:InvokeModel` calls with unusual input payloads containing prompt injection patterns (e.g., "ignore previous instructions," "system override").
2. Application logs: Query for unexpected agent-to-agent communication, unusual tool/API calls initiated by agents, or responses containing injected commands.
3. Splunk/KQL: `source="bedrock" OR source="aws_cloudtrail" | search "InvokeAgent" | stats count by user_identity, source_ip, input_tokens | where count > threshold`

MITRE:
- T1059.004 — Command and Scripting Interpreter (Prompt Injection variant)
- T1190 — Exploit Public-Facing Application
- T1021.004 — Remote Services: SSH (lateral movement post-injection)

ACTION: Review and enforce input validation/sanitization on all Bedrock agent invocations. Implement prompt guardrails and monitor agent outputs for anomalous behavior. If using multi-agent systems, isolate agent permissions to least-privilege IAM roles immediately.
unit42.paloaltonetworks.com
SOC BRIEFING: Axios Supply Chain Attack

SUMMARY: A supply chain attack targeted Axios, compromising the software distribution mechanism to deliver malware to downstream users. This represents a high-risk vector affecting potentially numerous organizations that depend on Axios components.

TRIAGE: HIGH — Immediate investigation priority. Supply chain compromises have broad blast radius and often evade initial detection. Determine if your organization uses Axios and whether affected versions are deployed.

IOC HUNT:
1. Package Repository Logs — Query npm registry, pip, or relevant package manager logs for Axios package downloads between attack window dates; correlate with internal deployment records.
2. Process Execution — Hunt for suspicious child processes spawned by Node.js/application processes loading Axios; look for unsigned executables, network connections to unknown C2, or credential access attempts.
3. File Integrity — Search endpoint logs for unexpected modifications to `node_modules/axios/` directory or unexpected binary execution from package installation paths.

MITRE:
- T1195.002 — Supply Chain Compromise (Compromised Software)
- T1566.002 — Phishing: Spearphishing Link (if initial compromise vector)
- T1059 — Command and Scripting Interpreter (dropper execution)
- T1070 — Indicator Removal (forensic cleanup noted in attack chain)

ACTION: Immediately audit all Axios versions in use across development and production environments. Cross-reference against Unit 42's published IOCs and affected version list. Isolate and patch or remove compromised versions; review deployment logs for execution artifacts.
unit42.paloaltonetworks.com
SOC BRIEFING: TeamPCP Supply Chain Attack Partnership

SUMMARY: TeamPCP threat group has announced a partnership with Vect ransomware operators and continues executing multi-stage supply chain attacks targeting security infrastructure. This alliance significantly increases attack sophistication and ransomware deployment risk across customer bases of compromised security vendors.

TRIAGE: HIGH — Immediate investigation priority. Supply chain compromises have broad blast radius; partnership with ransomware group indicates intent to monetize access at scale.

IOC HUNT:
1. Endpoint/Network: Search for suspicious outbound connections from security software processes to unknown C2 infrastructure; monitor for unsigned or recently-modified binaries in security tool directories.
2. Log Source: Review software update/patch deployment logs for anomalous timing, sources, or payloads; cross-reference with vendor release schedules.
3. Query Example (Splunk): `index=main source=*security_software* (process_name=*update* OR process_name=*install*) NOT (parent_process=*windows\system32*) | stats count by host, process_hash`

MITRE:
- T1195.002 — Supply Chain Compromise: Software Supply Chain
- T1195.003 — Supply Chain Compromise: Hardware Supply Chain
- T1566.002 — Phishing: Spearphishing Link
- T1204.001 — User Execution: Malicious Link

ACTION: Immediately audit all security software deployments in your environment for unsigned updates or unexpected version changes in the last 30 days; isolate any suspicious instances and preserve logs for forensics before patching.
unit42.paloaltonetworks.com
SOC BRIEFING: GCP Vertex AI "Double Agent" Vulnerability

SUMMARY: Unit 42 identified a privilege escalation flaw in Google Cloud Vertex AI where overprivileged AI agents can be manipulated to compromise cloud environments. This represents a significant blind spot in GCP security posture, as AI agents operating with excessive IAM permissions can be weaponized to access sensitive data and move laterally within cloud infrastructure.

TRIAGE: HIGH — Immediate investigation priority for organizations running Vertex AI agents in production. While no CVE/CVSS exists yet, the attack chain is practical and exploitable. Escalate if your environment uses Vertex AI with service accounts holding broad permissions.

IOC HUNT:
1. GCP Cloud Audit Logs: Filter for `protoPayload.methodName` containing "aiplatform.googleapis.com" AND `protoPayload.status.code != 0` (failed AI agent operations may indicate exploitation attempts)
2. IAM Activity: Query for service accounts used by Vertex AI agents with `roles/editor`, `roles/owner`, or `roles/iam.securityAdmin` — flag overprivileged bindings created in last 30 days
3. Splunk/KQL: `resource.type="aiplatform.googleapis.com" | stats count by protoPayload.request.agent, protoPayload.authenticationInfo.principalEmail` — identify unusual agent-to-principal relationships

MITRE:
- T1078.004 — Valid Accounts (Cloud Accounts)
- T1548.004 — Abuse Elevation Control Mechanism (IAM privilege escalation)
- T1526 — Cloud Service Discovery (agent reconnaissance of cloud resources)

ACTION: Audit all Vertex AI service account IAM bindings immediately. Apply principle of least privilege: remove `roles/editor` and replace with granular custom roles limited to required APIs (e.g., `aiplatform.googleapis.com/predict` only). Document findings in ticket for cloud security team review within 24 hours.
unit42.paloaltonetworks.com
SOC BRIEFING: Iranian Cyber Activity Escalation (March 2026)

SUMMARY: Unit 42 reports escalated Iranian cyberattack activity including phishing campaigns, hacktivist operations, and cybercrime initiatives. This represents a notable uptick in threat tempo requiring immediate defensive posture review across email and network perimeters.

TRIAGE: HIGH — No active exploits or zero-days identified (CVSS 0.0), but phishing campaigns pose immediate compromise risk. Prioritize email gateway and endpoint logs for the next 24 hours.

IOC HUNT:
1. Email Gateway Logs: Search for phishing indicators — filter on suspicious sender domains, newly registered domains (WHOIS <30 days), and emails with malicious attachment types (.exe, .scr, .zip containing scripts).
2. Endpoint/EDR: Query for process execution from temp directories and suspicious PowerShell/cmd activity; correlate with email delivery timestamps.
3. Splunk/KQL Query Template:
```
index=email sourcetype=mail_log recipient=* earliest=-24h | search sender_domain IN (newly_registered_domains) OR attachment_type IN (exe, scr, zip)
```

MITRE:
- T1566.002 — Phishing: Spearphishing Link
- T1566.001 — Phishing: Spearphishing Attachment
- T1598 — Phishing for Information

ACTION: Immediately review and reinforce email filtering rules; block newly identified malicious sender domains at the gateway and issue internal alert to users on phishing indicators. Request full Unit 42 report for IOC list.
unit42.paloaltonetworks.com
SOC BRIEFING: Southeast Asian Government Cyberespionage Campaign

SUMMARY: Unit 42 identified multiple coordinated cyberespionage clusters targeting a Southeast Asian government organization using USBFect malware, RATs, and loaders. This represents a converging threat landscape where multiple threat actors are simultaneously targeting the same government entity, indicating high-value intelligence collection objectives.

TRIAGE: HIGH — No active CVE exploitation or widespread impact detected, but persistent espionage activity against government infrastructure demands immediate investigation. Prioritize if your organization operates in Southeast Asia or supports government clients in the region.

IOC HUNT:
1. Endpoint/Memory: Hunt for USBFect signatures, RAT command-and-control callbacks, and loader execution patterns in process memory and network logs
2. Network: Query DNS/proxy logs for C2 domains and suspicious outbound connections from government-sector systems
3. USB Activity: Monitor Windows event logs (Event ID 4663, 4656) and endpoint detection for unauthorized USB device access and file transfers

MITRE:
- T1566.002 — Phishing: Spearphishing Attachment
- T1566.001 — Phishing: Spearphishing Link
- T1059.003 — Command and Scripting Interpreter: Windows Command Shell
- T1071.001 — Application Layer Protocol: Web Protocols
- TA0011 — Command and Control

ACTION: Immediately isolate and forensically image any systems showing USBFect or RAT indicators. Disable USB ports on government-sector workstations pending full threat assessment. Escalate to CISO and relevant government liaisons.
unit42.paloaltonetworks.com
SOC BRIEFING: Palo Alto Networks Impersonation Recruitment Phishing

SUMMARY: Unit 42 identified an active phishing campaign impersonating Palo Alto Networks' talent acquisition team, targeting senior professionals with fraudulent job offers and fake resume processing fees. This threat matters because it exploits trust in a recognized security vendor to compromise high-value targets who may have access to sensitive systems or information.

TRIAGE:
Severity: HIGH
Investigation Priority: Immediate — focus on email logs and credential compromise indicators for the past 30 days.

IOC HUNT:
1. Email Gateway Logs: Search for messages claiming to be from Palo Alto Networks HR/recruiting domains with requests for resume fees, payment processing, or credential verification.
   - KQL: `EmailEvents | where SenderDisplayName contains "Palo Alto" and (Subject contains "recruiting" or Subject contains "resume fee")`
2. Splunk Query: `index=email sender="*paloaltonetworks*" OR sender="*panw*" | search "fee" OR "payment" OR "resume" | stats count by sender, recipient`
3. Endpoint/Web Logs: Hunt for credential submission to non-corporate domains or payment gateway interactions from user machines.

MITRE:
- T1566.002 – Phishing: Spearphishing Link
- T1598.003 – Phishing for Information: Spearphishing Link
- T1589.001 – Gather Victim Identity Information: Credentials

ACTION: Issue immediate alert to all staff: Do not respond to unsolicited recruiting emails requesting fees or personal information. Forward suspected phishing to security team. Cross-reference identified recipients against credential compromise databases (HaveIBeenPwned, internal breach monitoring).
unit42.paloaltonetworks.com
SOC BRIEFING: Google Cloud Authenticator Analysis

SUMMARY: Unit 42 published technical analysis of Google's synced passkey architecture used in passwordless authentication systems, detailing key management mechanisms and secure communication protocols. This is educational threat intelligence on authentication mechanisms rather than an active threat—relevant for understanding attack surface and defensive posture around credential systems.

TRIAGE: Medium — Informational priority. No CVEs, exploits, or active incidents reported. Review for architectural awareness and potential gaps in your passwordless authentication implementations.

IOC HUNT:
1. Authentication logs: Search for unusual passkey enrollment or sync events in Google Workspace/Cloud Identity audit logs (look for `ACCOUNT_DISABLED_PASSKEY`, `PASSKEY_CREATED`, `PASSKEY_SYNCED`)
2. Splunk query: `index=auth sourcetype=gcp_audit protoPayload.methodName="*passkey*" OR protoPayload.methodName="*authenticator*"`
3. KQL (Azure): `AADSignInEventsBeta | where AuthenticationProtocol contains "passkey" or AuthenticationDetails contains "passwordless"`

MITRE:
- T1556.006 — Modify Authentication Process: Multi-Factor Authentication (defensive context—understand passkey implementation)
- T1187 — Forced Authentication (understand sync mechanisms to detect abuse)

ACTION: Audit your organization's passkey/passwordless authentication policies: verify synced credentials are restricted to managed devices only, confirm MFA requirements remain in place for sensitive accounts, and document which applications support passkey authentication to identify gaps in coverage.
unit42.paloaltonetworks.com
SOC BRIEFING: Retail Fraud via Agentic AI

SUMMARY: Palo Alto Unit 42 has published research on retail fraud exploitation using agentic AI systems, focusing on prompt injection attacks that manipulate AI agents into unauthorized transactions or data exfiltration. This represents an emerging attack vector against e-commerce and retail infrastructure where AI agents handle customer interactions and payment processing.

TRIAGE: Medium — No active CVE or widespread exploitation confirmed. Prioritize investigation only if your organization deploys autonomous AI agents in customer-facing retail systems (chatbots, checkout automation, inventory agents). If not applicable, defer to awareness phase.

IOC HUNT:
1. Web Application Logs: Search for unusual prompt patterns in chatbot/AI agent input logs—look for injection keywords ("ignore previous instructions," "execute command," "bypass validation").
2. Transaction Logs: Query for transactions initiated by AI agents with anomalous patterns (high velocity, unusual SKUs, mismatched customer profiles, failed authorization attempts followed by success).
3. API Logs: Hunt for AI agent API calls with unexpected parameters or repeated calls to payment/inventory endpoints within short timeframes.

MITRE:
- T1589 (Gather Victim Identity Information) — AI agents tricked into exfiltrating customer data
- T1566 (Phishing) — Prompt injection as social engineering variant
- T1190 (Exploit Public-Facing Application) — Manipulation of AI agent logic

ACTION: If you operate retail AI agents: Immediately audit prompt injection controls (input validation, output filtering, instruction isolation). Implement human-in-the-loop approval for high-value transactions initiated by AI agents. Review Unit 42 article for specific attack examples and defensive patterns.
unit42.paloaltonetworks.com
SOC BRIEFING: AI-Enhanced Malware Threat Landscape

SUMMARY: Unit 42 published research documenting the evolving integration of AI capabilities into malware, ranging from basic implementations to sophisticated autonomous decision-making systems. This matters because AI-augmented malware can adapt evasion tactics, optimize payload delivery, and make real-time targeting decisions—significantly outpacing traditional signature-based detection.

TRIAGE: Medium — This is a strategic threat assessment, not an active incident. Prioritize after critical/high alerts, but review within 24 hours to update detection baselines.

IOC HUNT:
1. Endpoint logs: Search for unusual Python/ML library imports (`tensorflow`, `pytorch`, `scikit-learn`) in process execution or script analysis.
2. Network logs: Hunt for connections to known ML model repositories (HuggingFace, GitHub raw content, model hosting services) from non-development systems.
3. Splunk/KQL: `(process_name="python.exe" OR process_name="powershell.exe") AND (command_line="*import torch*" OR command_line="*import tensorflow*")`

MITRE:
- T1566 (Phishing) — AI optimizes social engineering targeting
- T1027 (Obfuscation) — AI generates polymorphic evasion code
- T1105 (Ingress Tool Transfer) — AI-driven payload selection and delivery
- T1087 (Account Discovery) — AI reconnaissance automation

ACTION: Review and update your YARA/Sigma rules to flag suspicious ML library usage and model file transfers. Coordinate with threat intel to monitor Unit 42's full research publication for IOCs and sample hashes.
unit42.paloaltonetworks.com
SOC BRIEFING: AI Agent Security Risks

SUMMARY: Palo Alto Networks Unit 42 published guidance on security risks associated with AI agents operating with excessive privileges in enterprise environments. This matters because autonomous AI systems with broad permissions can become attack vectors or cause unintended security breaches if compromised or misconfigured.

TRIAGE: Medium — No active CVE or exploit detected. Prioritize after critical incidents, but review before deploying new AI agents in your environment.

IOC HUNT:
1. Search logs for AI agent/LLM API calls with overly broad permissions: `index=main source=api_logs action=* user=*_agent | stats count by action, user`
2. Hunt for unusual AI agent behavior: `index=main process=*agent* OR process=*llm* | where status=error OR status=unauthorized | stats count by process, error_code`
3. Review IAM logs for service accounts tied to AI tools: `index=main sourcetype=aws:cloudtrail userAgent=*agent* OR userAgent=*ai*`

MITRE:
- T1078 (Valid Accounts) — Compromised AI agent credentials
- T1548 (Abuse of Elevation Control Mechanism) — Excessive privilege escalation
- T1526 (Cloud Service Discovery) — AI agents enumerating cloud resources

ACTION: Audit all AI agent service accounts in your environment and apply principle of least privilege: restrict to only required APIs, resources, and actions. Document findings in your next security review.
unit42.paloaltonetworks.com
SOC BRIEFING: LLM Prompt Fuzzing Vulnerability Research

SUMMARY: Unit 42 published research demonstrating that both open-source and commercial LLMs remain vulnerable to prompt fuzzing attacks using genetic algorithm-inspired techniques, allowing attackers to bypass safety guardrails at scale. This matters because it reveals systematic weaknesses in GenAI security controls that could enable prompt injection, jailbreaking, and unauthorized model behavior across enterprise deployments.

TRIAGE: Medium — Research disclosure, not active exploitation. No CVE, no CISA KEV listing, and 0.0 CVSS/EPSS. Prioritize if your organization uses LLMs in production (ChatGPT, Claude, open models); otherwise defer to next planning cycle.

IOC HUNT:
1. LLM API logs: Search for unusual prompt patterns with repeated character substitution, encoding tricks, or adversarial tokens (e.g., `rot13`, `base64`, `leetspeak` variants of restricted keywords).
2. Query example (Splunk): `sourcetype=llm_api | regex prompt="(jailbreak|bypass|ignore.*instruction|pretend)" | stats count by user, model, prompt_hash`
3. Web proxy/WAF logs: Hunt for requests to LLM endpoints with abnormally long or obfuscated payloads; flag requests attempting to override system prompts.

MITRE:
- T1589.002 — Gather Victim Identity Information (reconnaissance of model behavior)
- T1566.002 — Phishing: Spearphishing Link (prompt injection via user input)
- T1059.008 — Command and Scripting Interpreter: Python (fuzzing automation)

ACTION: Audit your LLM deployment configurations: verify system prompt immutability, enable input validation/sanitization, and implement rate-limiting on API calls. If using third-party LLM services, request their current guardrail testing methodology and patch timeline from vendors.
unit42.paloaltonetworks.com
SOC BRIEFING: Boggy Serpens

SUMMARY: Iranian threat group Boggy Serpens is actively evolving their cyberespionage capabilities with AI-enhanced malware and sophisticated social engineering tactics. This represents an escalation in their operational sophistication and warrants immediate visibility into your environment for indicators of compromise.

TRIAGE: HIGH — No active CVE exploitation or widespread outbreak detected, but persistent nation-state activity targeting your sector requires proactive hunting and monitoring. Investigate if your organization matches their targeting profile.

IOC HUNT:
1. Email Gateway Logs — Hunt for spear-phishing campaigns with social engineering lures; search for unusual sender domains impersonating trusted contacts or vendors.
2. Endpoint Process Execution — Query for suspicious Python/PowerShell scripts, AI model libraries (TensorFlow, PyTorch), or obfuscated payloads; correlate with network beacons to C2 infrastructure.
3. Network DNS/Proxy Logs — Search for connections to newly registered domains or Iranian IP space; cross-reference with Unit 42's published IOCs from the full threat assessment.

MITRE:
- T1566.002 — Phishing: Spearphishing Link
- T1566.001 — Phishing: Spearphishing Attachment
- T1059.006 — Command and Scripting Interpreter: Python
- T1071.001 — Application Layer Protocol: Web Protocols
- T1598 — Phishing for Information

ACTION: Pull the full Unit 42 Boggy Serpens report immediately; extract all published IOCs (domains, IPs, file hashes) and load into your SIEM/EDR for 30-day retroactive hunt and forward detection.
unit42.paloaltonetworks.com
SOC BRIEFING: Iranian Cyber Threat Evolution

SUMMARY: Iranian threat actors are shifting tactics from destructive MBR wiper malware to identity-based attacks and abuse of legitimate administrative tools, reducing detection signatures while increasing persistence and lateral movement capability. This evolution represents a strategic pivot toward stealthier, longer-dwell operations that bypass traditional malware defenses.

TRIAGE: Medium — Monitor for behavioral indicators; no active CVE or widespread exploitation detected. Prioritize if your environment has Iranian-linked activity history or critical identity infrastructure.

IOC HUNT:
1. Identity logs: Search for anomalous admin tool usage (PsExec, WinRM, RDP) from non-standard accounts or off-hours; filter for failed then successful authentication chains.
2. Endpoint process creation: Hunt for legitimate tools (rundll32, certutil, wmic) spawning from user temp directories or AppData paths.
3. Network egress: Monitor for connections to known Iranian ASNs or proxy infrastructure; correlate with credential access events.

MITRE:
- T1078 — Valid Accounts (Credential Access)
- T1570 — Lateral Tool Transfer (Lateral Movement)
- T1021 — Remote Services (Lateral Movement)
- T1588 — Obtain Capabilities (Resource Development)

ACTION: Audit and enforce MFA on all administrative accounts and privileged identity management (PIM) solutions; review last 90 days of admin tool execution logs for anomalies tied to non-standard user accounts.
unit42.paloaltonetworks.com
SOC BRIEFING: Handala Hack Wiper Campaign

SUMMARY: Iran-linked threat actor Handala Hack (Void Manticore) is actively deploying wiper malware via phishing and compromised Microsoft Intune access. Wiper attacks result in permanent data destruction and system unavailability, making this a critical destructive threat.

TRIAGE: CRITICAL — Immediate investigation required. Wiper attacks cause irreversible damage; containment speed is essential.

IOC HUNT:
1. Intune logs: Search for suspicious device enrollment, policy deployments, or remote actions from unfamiliar admin accounts in the last 7 days.
   - `DeviceManagementActivity | where ActionType contains "Deploy" or ActionType contains "Enroll"`
2. Email gateway: Hunt phishing emails with malicious attachments or credential-harvesting links targeting Intune/O365 admins.
   - `EmailEvents | where SenderFromAddress not in (trusted_domains) and (Subject contains "Intune" or Subject contains "Microsoft")`
3. Endpoint telemetry: Search for wiper-associated process execution (file deletion at scale, MBR/partition table writes).
   - `DeviceProcessEvents | where ProcessName contains "cipher" or ProcessName contains "format" or CommandLine contains "wmic logicaldisk"`

MITRE:
- T1566.002 — Phishing: Spearphishing Link
- T1199 — Trusted Relationship (Intune abuse)
- T1561 — Disk Wipe
- T1485 — Data Destruction

ACTION: Immediately audit Intune admin accounts for unauthorized access: review login anomalies, MFA bypass attempts, and policy changes in the last 14 days. Revoke suspicious sessions and reset credentials for any compromised admins.
thehackernews.com
SOC BRIEFING: TA416 Campaign Against European Governments

SUMMARY: China-linked threat actor TA416 is actively targeting European government and diplomatic organizations with PlugX malware and OAuth-based phishing since mid-2025, marking a significant shift after two years of reduced regional activity. This represents a coordinated espionage campaign against high-value political targets with potential for credential compromise and persistent network access.

TRIAGE: HIGH — Immediate investigation priority. No exploited CVEs, but phishing + PlugX combination enables credential theft and remote code execution. European government entities are confirmed targets.

IOC HUNT:
1. Email Gateway Logs: Search for OAuth consent phishing emails; filter for suspicious redirect domains and abnormal sender patterns targeting .gov/.eu domains
2. Endpoint/EDR: Hunt for PlugX indicators — look for suspicious child processes from Office applications, unusual network connections to C2 infrastructure, and registry modifications associated with persistence mechanisms
3. Network/Proxy Logs: Monitor for PlugX C2 beaconing patterns; correlate with known TA416 infrastructure IPs/domains (request from threat intel team if not in your feeds)

MITRE:
- T1566.002 — Phishing: Spearphishing Link
- T1528 — Steal Application Access Token
- T1059.001 — Command and Scripting Interpreter: PowerShell
- T1547.001 — Boot or Logon Autostart Execution: Registry Run Keys
- TA0001 (Initial Access) | TA0006 (Credential Access) | TA0008 (Lateral Movement)

ACTION: Immediately audit OAuth application permissions and recent consent grants across your organization; revoke any suspicious third-party app access. Escalate any PlugX detections to incident response and isolate affected systems.
thehackernews.com
SOC BRIEFING: Cookie-Controlled PHP Web Shells on Linux

SUMMARY: Threat actors are deploying PHP web shells on Linux servers that use HTTP cookies as command control channels instead of URL parameters, evading traditional detection. This technique enables persistent remote code execution and is difficult to identify in standard web logs.

TRIAGE: High — Investigate immediately if you operate Linux web servers. No active CVE or widespread exploitation confirmed yet, but the obfuscation method bypasses common detection rules.

IOC HUNT:
1. Web Access Logs: Search for POST/GET requests with suspicious cookie values (base64, hex, or encoded payloads) to .php files
   - Splunk: `sourcetype=access_combined *.php | stats values(Cookie) by src_ip, uri`
   - KQL: `SecurityEvent | where Process contains ".php" and EventData contains "cookie"`
2. Cron Jobs: Audit `/var/spool/cron/` and `/etc/cron.d/` for recently modified or suspicious scheduled tasks
3. PHP Error Logs: Search for eval(), system(), or exec() calls triggered by cookie variables

MITRE:
- T1190 — Exploit Public-Facing Application
- T1505.004 — Server Software Component (Web Shell)
- T1053.006 — Scheduled Task/Job (Cron)
- T1071.001 — Application Layer Protocol (HTTP)

ACTION:
1. Immediately review web server access logs for the past 30 days filtering for cookie-based payloads
2. Disable PHP execution in web-accessible directories where not required
3. Implement WAF rules to block suspicious cookie patterns and restrict cookie size/encoding
thehackernews.com
SOC BRIEFING: UNC1069 Axios npm Supply Chain Attack

SUMMARY: North Korean threat actors (UNC1069) compromised the Axios npm package maintainer through targeted social engineering, gaining potential access to a widely-used JavaScript library with millions of weekly downloads. This represents a critical supply chain risk affecting any organization using Axios in production environments.

TRIAGE: CRITICAL — Immediate investigation required. Axios is a foundational dependency in countless applications; any malicious code injection could affect downstream users at scale.

IOC HUNT:
1. npm Registry Logs: Search for unusual package versions of `axios` published after the compromise date; compare checksums against known-good releases
2. Dependency Audit: Run `npm audit` and `npm ls axios` across all development/production environments to identify installed versions and flag any between compromise window and patch release
3. Network/Proxy Logs: Hunt for suspicious outbound connections from systems running compromised Axios versions to unknown C2 infrastructure or data exfiltration endpoints

MITRE:
- T1195.001 — Supply Chain Compromise (Compromise Software Dependencies)
- T1566.002 — Phishing (Spearphishing Link)
- T1598.003 — Phishing for Information (Spearphishing Link)

ACTION: Immediately update Axios to the latest patched version across all systems and verify no malicious code was injected into your dependency tree. Rotate any credentials or tokens that may have been exposed on systems running compromised versions during the attack window.
thehackernews.com
SOC BRIEFING: Third-Party Risk Management Gap

SUMMARY: Third-party vendors and SaaS tools represent a critical blind spot in most organizations' security posture, with breaches increasingly originating from trusted external partners rather than direct attacks. This gap requires immediate visibility into vendor access, credentials, and data flows to prevent supply chain compromise.

TRIAGE: High — Not an active incident, but a systemic vulnerability requiring urgent assessment. Prioritize inventory of all third-party access and SaaS applications within 48 hours.

IOC HUNT:
1. Query active SaaS/cloud app connections: Search proxy/firewall logs for unexpected or unapproved SaaS domains (Splunk: `sourcetype=firewall action=allowed | stats dc(dest_ip) by user, dest_domain | where dc(dest_ip) > 5`)
2. Identify dormant vendor accounts: Query Active Directory for service accounts with no recent login activity (`lastLogonTimestamp < 90 days ago AND objectClass=user AND description=*vendor*`)
3. Monitor third-party credential usage: Check authentication logs for logins from non-corporate IP ranges tied to vendor accounts (Splunk: `sourcetype=auth user=*vendor* OR user=*contractor* | stats values(src_ip) by user`)

MITRE:
- T1199 — Trusted Relationship (initial access via vendor compromise)
- T1078 — Valid Accounts (leveraging vendor credentials)
- T1087 — Account Discovery (reconnaissance of vendor access)

ACTION: Conduct immediate inventory of all active third-party vendor accounts and SaaS applications with data access. Document owner, access level, and last review date. Revoke any accounts without documented business justification within 72 hours.
thehackernews.com
THREAT BRIEFING: SparkCat Mobile Malware Variant

SUMMARY: A new SparkCat malware variant has been discovered in legitimate app stores (Apple App Store and Google Play Store) disguised as benign applications like messengers and food delivery services. The malware targets mobile users to steal cryptocurrency wallet recovery phrases, posing direct financial risk to any organization or user with mobile crypto exposure.

TRIAGE: HIGH — Immediate investigation priority. While no CVE/CVSS exists, the malware's presence in official app stores and direct access to sensitive financial data (wallet recovery phrases) creates significant compromise risk. Escalate if any users have installed suspicious messenger or food delivery apps in the past 12+ months.

IOC HUNT:
1. Mobile Device Management (MDM) logs — Query for app installations matching known SparkCat delivery apps (enterprise messengers, food delivery services); cross-reference against official app store metadata for version anomalies.
2. Network egress logs — Hunt for unusual outbound connections from mobile devices to known C2 infrastructure; filter on image file exfiltration patterns (wallet recovery phrase screenshots).
3. Endpoint Detection & Response (EDR) — Search for screenshot capture permissions requested by non-standard apps; flag apps requesting camera/gallery access combined with network activity.

MITRE:
- T1204.001 — User Execution: Malicious Link (app store distribution)
- T1113 — Screen Capture (wallet recovery phrase theft)
- T1041 — Exfiltration Over C2 Channel (image data theft)
- T1036.005 — Masquerading: Match Legitimate Name or Location (benign app disguise)

ACTION: Issue immediate user alert: Do NOT install or update messenger or food delivery apps from app stores until verified. Advise users with cryptocurrency wallets to assume compromise if they installed suspicious apps in the past year and rotate wallet recovery phrases immediately. Request MDM push a block policy for unverified app store applications.